by
play

By: Muhammad Abbas, Luis Magsumbol, Peter Yambao & Eric Group - PowerPoint PPT Presentation

Feb 03, 2024 •294 likes •490 views

SEC625 Group Presentation By: Muhammad Abbas, Luis Magsumbol, Peter Yambao & Eric Group Plan Divided work Decided Services (Implementation) Calculation for VMs Windows or Linux Network Details Group Plan How to Divide

  1. SEC625 Group Presentation By: Muhammad Abbas, Luis Magsumbol, Peter Yambao & Eric

  2. Group Plan ■ Divided work ■ Decided Services (Implementation) ■ Calculation for VMs ■ Windows or Linux ■ Network Details

  3. Group Plan ■ How to Divide networks ■ Clients (How many?) ■ Windows or Linux ■ Client Access ■ Security as one

  4. Active Directory and DNS ■ Server 2008 R2 ■ Installed Microsoft Security Essentials ■ Updated the System ■ Updated Anti-Virus Definitions ■ Network Configuration (2 Networks)

  5. Active Directory and DNS ■ Networks (Intranet and Internet) ■ Change Local Admin name ■ Installed AD DS role ■ Created OUs and Users ■ Group Policies ■ Downloaded Wireshark

  6. Group Policies ■ Password Age (42 days) ■ Password Length (7 Characters) ■ Domain Wide ■ Hide last logged in User ■ Disable Command Prompt (Non-IT Departements)

  7. DHCP and Mail Server ■ Server 2008 R2 ■ Installed Microsoft Security Essentials ■ Network Configuration (Intranet and Internet) ■ Changed Local Administrator name ■ Joined Server to AD domain

  8. DHCP and Mail Server ■ DHCP leases different IPs ■ Mail configured only for internal use ■ Mail password different from AD ■ Passwords encrypted ■ Built-In Database

  9. Apache Server ■ Updated Linux operating system to latest version ■ Disabled unneeded services – firewalld.service, irqbalance.service, abrtd.service, polkit.service, smartd.service, wpa_supplicant.service, atd.service ■ Installed Logwatch ■ Logging and monitoring of system activity using Logwatch and default log files

  10. Apache Server ■ Installed latest version of Apache Package (httpd) ■ Added ‘ ServerSignature Off’ and ‘ ServerTokens Prod’ lines in config file – Hides operating system name and version from being shown by browser ■ Created index.html in Document Root – hides the listing of files in the directory, displayed by default

  11. Apache Server ■ Installed mod_security module – (firewall for web applications, monitor traffic real-time, protect from brute-force attacks) ■ Configured self-signed SSL: – installed mod_ssl module – made directory storing private key accessible only by root user – SSL key and certificate command: ■ openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/apache-selfsigned.key -out /etc/ssl/certs/apache-selfsigned.crt

  12. Apache Server (Specific Security) ■ Set up secure SSL parameters ■ Disabled info_module which can leak sensitive information using .htaccess

  13. Apache Server (Firewall) ■ Installed latest version of IPTABLES ■ Changed default policy to drop all traffic by default for all rules (rule of least privilege) ■ Only allow http port 80 and https port 443 traffic from within local network

  14. Apache Server ■ Documented changes for future reference ■ Apache server installed in it’s own machine and separated from other services (zoning) ■ If I had more time: – More research and configured Mod Security module – Improved logging by configuring mod_log_config module – Did more research and adjusted the timeout, maxclients, keepalivetimeout, limitrequestfields, and limitrequestfieldsize directives to protect against DDOS

  15. Client ■ Window 7 was what the group choose to use but the official website will redirect me to Window 10 instead ■ Windows update took several hours because I ended up downloading Window 7 from some other site and it is not updated ■ Getting our VM was problematic because I use VMware to install my client and the group use Virtual Box ■ When I install my Client I choose the default split virtual disk which made it very hard to import to Virtual Box

  16. Client ■ Client defenses are for blocking attacks that pass the perimeter or from the internal network ■ Things I have done to harden our clients include – Using local policies to limit and separate the standard user/admin account – Install/configure Antivirus software – Configure the Firewall to only allow services the group wants – Disable what is not being used ■ While all of these will provide a screen to attacks at best the point is to make it a little harder to attackers

  17. Samba ■ Initial Security Configurations – Update, Turn off unneeded services ■ Network Security – Firewall rules ■ Host Security – File Permissions, logwatch, strong user passwords ■ Application Security – Configuration file

  18. Firewall Server ■ Applying the rule of least privilege ■ Deny everything unless a rule matches ■ Configure logging to notice anomalies ■ Specify state, source, and destination addresses/ports for more focused firewall rules – Iptab ptables les – I (chain hain) – s I IP addr dres ess s – d IP address dress – sport t ## -- --dpor port ## ## -m m conntrac nntrack – cts tsta tate NEW,R ,RELA LATED,E TED,ESTABLI BLISHE HED -j ACCEPT PT

  19. THANK YOU

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Migrating to Java 9 Modules @Sander_Mak By Sander Mak Migrating to Java 9 Java 8 java -cp ..

Migrating to Java 9 Modules @Sander_Mak By Sander Mak Migrating to Java 9 Java 8 java -cp ..

Migrating to Java 9 Modules @Sander_Mak By Sander Mak Migrating to Java 9 Java 8 java -cp .. -jar myapp.jar Java 9 java -cp .. -jar myapp.jar Today's journey Running on Java 9 Java 9 modules Migrating to modules Modularising code

851 views • 45 slides
International Email Addresses in X.509 Dmitry Belyavskiy T echnical Centre of Internet ICANN 60

International Email Addresses in X.509 Dmitry Belyavskiy T echnical Centre of Internet ICANN 60

International Email Addresses in X.509 Dmitry Belyavskiy T echnical Centre of Internet ICANN 60 T ech Day, Abu-Dhabi October 30, 2017 EAI: history IETF EAI workgroup: 2007-2010: experimental RFCs 2012: final RFCs 653x: SMTP

255 views • 12 slides
Mozambique Real Opportunity Benchmark Mineral Intelligence Graphite and Anodes Conference

Mozambique Real Opportunity Benchmark Mineral Intelligence Graphite and Anodes Conference

Mozambique Real Opportunity Benchmark Mineral Intelligence Graphite and Anodes Conference 2018 1 Graphite Price Forecast Benchmark Mineral Intelligence Balama Central Project Basket Price BAT Montepuez Project Basket Price 2

518 views • 23 slides
A STITCH IN TIME SAVES NINE / SCHOOL OF ARTS BARBARA MORRIS PRIZE TEAM Making accessibility

A STITCH IN TIME SAVES NINE / SCHOOL OF ARTS BARBARA MORRIS PRIZE TEAM Making accessibility

The UKs European university A STITCH IN TIME SAVES NINE / SCHOOL OF ARTS BARBARA MORRIS PRIZE TEAM Making accessibility work for staff and students The UKs European university A STITCH IN TIME SAVES NINE Jacqui Double, Student Support

297 views • 16 slides
Secure Communication in Client-Server Android Apps With a bias towards mobile banking

Secure Communication in Client-Server Android Apps With a bias towards mobile banking

Secure Communication in Client-Server Android Apps With a bias towards mobile banking applications. AFRICA HACKON CONFERENCE, 2016. Convergent Security. whoami Masters Candidate Ethical Hacker Web Developer Jazz fan

599 views • 20 slides
Transforming the foundation of doing business Winter 2019 Safe Harbor This presentation

Transforming the foundation of doing business Winter 2019 Safe Harbor This presentation

Transforming the foundation of doing business Winter 2019 Safe Harbor This presentation contains "forward-looking" statements that are based on our management's beliefs and assumptions and on information currently available to

408 views • 36 slides
IN INTEGRATING DPM, , XBRL AND SDMX DATA Roberto Garca Associate Professor Universitat de

IN INTEGRATING DPM, , XBRL AND SDMX DATA Roberto Garca Associate Professor Universitat de

EXPLORING A SEMANTIC FRAMEWORK FOR IN INTEGRATING DPM, , XBRL AND SDMX DATA Roberto Garca Associate Professor Universitat de Lleida IN INTRODUCTION Pro roliferation financial data and available formats Increased need for ways

178 views • 16 slides
in Eur n Europe ope Frans ns Hietbrink etbrink Strategic Advisor eGovernment Netherlands Tax

in Eur n Europe ope Frans ns Hietbrink etbrink Strategic Advisor eGovernment Netherlands Tax

ES ESEF EF impli plicatio cations ns on n SBR BR p program ograms in Eur n Europe ope Frans ns Hietbrink etbrink Strategic Advisor eGovernment Netherlands Tax Administration Chair SBR Working Group of XBRL Europe SBR BR i in n

232 views • 9 slides
XBRL Updates Sharing XBRL good practices for Business Registers at the European Level A step

XBRL Updates Sharing XBRL good practices for Business Registers at the European Level A step

XBRL Updates Sharing XBRL good practices for Business Registers at the European Level A step towards convergence Thomas Verdin, EU BR WG Chair Remember me XBRL What & Why? XBRL is the universal language for the financial

422 views • 8 slides
Improving Regulatory Data Collection for Everyone Beju Shah Head of Data Collection &

Improving Regulatory Data Collection for Everyone Beju Shah Head of Data Collection &

Improving Regulatory Data Collection for Everyone Beju Shah Head of Data Collection & Publication TECHNOLOGY Disclaimer This session is presented under Chatham House rules therefore no comments or content should be attributed to

558 views • 29 slides
EMPOWERING AGILITY About Us iWeb Technology Solutions Pvt. Ltd. is an innovative web- based

EMPOWERING AGILITY About Us iWeb Technology Solutions Pvt. Ltd. is an innovative web- based

EMPOWERING AGILITY About Us iWeb Technology Solutions Pvt. Ltd. is an innovative web- based platform technology (PaaS) company empowering the underserved Small & Medium Sized Enterprise segment (SMEs) to re-engineer business

279 views • 6 slides
(DATA Act) Implementation Update Christina Ho, Deputy Assistant Secretary for Accounting Policy

(DATA Act) Implementation Update Christina Ho, Deputy Assistant Secretary for Accounting Policy

Better Data, Better Decisions, Better Government: Digital Accountability and Transparency Act (DATA Act) Implementation Update Christina Ho, Deputy Assistant Secretary for Accounting Policy and Financial Transparency U.S. Department of the

433 views • 16 slides
Innovation Working Group Chuck Landes, IAASB Deputy Chair and Working Group Chair IAASB Meeting

Innovation Working Group Chuck Landes, IAASB Deputy Chair and Working Group Chair IAASB Meeting

Innovation Working Group Chuck Landes, IAASB Deputy Chair and Working Group Chair IAASB Meeting September 2015 Agenda Item 8-B Page 1 Purpose of the Session Inform the IAASB on new developments that may have an impact on international

376 views • 16 slides
Undergraduate Student Investment Management Fund Semi-Annual Presentation Friday December 4 th ,

Undergraduate Student Investment Management Fund Semi-Annual Presentation Friday December 4 th ,

Implementation Financial Theory Student Investment Management Fund Student Investment Management Fund Undergraduate Student Investment Management Fund Semi-Annual Presentation Friday December 4 th , 2015 1 Implementation Financial Theory

624 views • 38 slides
Peoples United Financial, Inc. (Exact name of registrant as specified in its charter) Delaware

Peoples United Financial, Inc. (Exact name of registrant as specified in its charter) Delaware

UNITED STATES SECURITIES AND EXCHANGE COMMISSION Washington, D.C. 20549 FORM 8-K CURRENT REPORT Pursuant to Section 13 or 15(d) of the Securities Exchange Act of 1934 Date of Report (Date of earliest event reported) February 13, 2020

870 views • 50 slides
Consumer Protection and Reloadable Prepaid Cards Federal Regulation of the Prepaid Card Industry

Consumer Protection and Reloadable Prepaid Cards Federal Regulation of the Prepaid Card Industry

Consumer Protection and Reloadable Prepaid Cards Federal Regulation of the Prepaid Card Industry Federal Reserve Bank of Philadelphia April 2010 Lauren Saunders National Consumer Law Center Types of Reloadable Prepaid Cards Privately

469 views • 15 slides
Deception and Consumer Protection in Competitive Markets Paul Heidhues ESMT This presentation

Deception and Consumer Protection in Competitive Markets Paul Heidhues ESMT This presentation

Deception and Consumer Protection in Competitive Markets Paul Heidhues ESMT This presentation is based on joint work with B. K oszegi as well as B. K oszegi and T. Murooka 1 / 19 Consumer Misunderstandings in Markets A recent body

356 views • 19 slides
Interim Results Presentation H1 2018 0 Oakley Oa kley Capital Capital Inves Investm tmen

Interim Results Presentation H1 2018 0 Oakley Oa kley Capital Capital Inves Investm tmen

Interim Results Presentation H1 2018 0 Oakley Oa kley Capital Capital Inves Investm tmen ents ts Six Six Months o Months of Pr f Progre ogress ss 1 2 3 Growing shareholder NAV discount gap Portfolio performance closing

581 views • 40 slides
NCI-AD Adult Consumer Survey 2015-2016 RESULTS May 17, 2017 NCI-AD Overview 2 What is NCI-

NCI-AD Adult Consumer Survey 2015-2016 RESULTS May 17, 2017 NCI-AD Overview 2 What is NCI-

NCI-AD Adult Consumer Survey 2015-2016 RESULTS May 17, 2017 NCI-AD Overview 2 What is NCI- AD? Quality of life and outcomes survey for seniors and adults with physical disabilities (including ABI/TBI) Assesses outcomes of state LTSS

461 views • 35 slides
Demographic Trends, Consumer Preferences and Housing Demand Gregg Logan, Managing Director AFCD

Demographic Trends, Consumer Preferences and Housing Demand Gregg Logan, Managing Director AFCD

Demographic Trends, Consumer Preferences and Housing Demand Gregg Logan, Managing Director AFCD Board Meeting | September 2011 ABOUT OUR FIRM SERVICES Market & Financial Analysis Project Segmentation, Positioning, & Pricing Builder

449 views • 26 slides
Auto Dealer Loan Intermediation: Consumer Behavior and Competitive Effects Andreas Grunewald

Auto Dealer Loan Intermediation: Consumer Behavior and Competitive Effects Andreas Grunewald

Auto Dealer Loan Intermediation: Consumer Behavior and Competitive Effects Auto Dealer Loan Intermediation: Consumer Behavior and Competitive Effects Andreas Grunewald (Bonn), Jonathan Lanning (Chicago Fed), David Low (CFPB), Tobias Salz (MIT)

510 views • 38 slides
Real Driving Emissions tests and restoring consumer trust in the automotive sector Chris

Real Driving Emissions tests and restoring consumer trust in the automotive sector Chris

Real Driving Emissions tests and restoring consumer trust in the automotive sector Chris Carroll, Project Coordinator on Sustainable Transport Real Driving Emissions Tests European Parliament 23 rd February 2016 41 members in 31

476 views • 11 slides
Powerlink Customer & Consumer Panel 27 October 2016 Agenda Welcome and introductions

Powerlink Customer & Consumer Panel 27 October 2016 Agenda Welcome and introductions

Powerlink Customer & Consumer Panel 27 October 2016 Agenda Welcome and introductions AERs Draft Decision overview Powerlinks Revised Revenue Proposal: Capital expenditure forecast STPIS Afternoon tea

656 views • 42 slides
Efficient Lighting: Background and Discussion May 29, 2014 2 Agenda Introductions

Efficient Lighting: Background and Discussion May 29, 2014 2 Agenda Introductions

Efficient Lighting: Background and Discussion May 29, 2014 2 Agenda Introductions Roadmap Background Consumer Research Background References Library Discussion Framework 3 Roadmap Background Stakeholders

414 views • 14 slides

More recommend